CIFS Account Password Never Expires

Severity

CVSS

Published

Added

Modified

7

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

October 31, 2004

October 31, 2004

July 11, 2012

Description

The CIFS account does not require password expiration. This is a
security risk. Having no password expiration allows a hacker to
launch a brute force attack to guess the user's password. This
can be done with greater success over a prolonged period of time
if the password never expires.